In this episode, Jay and I return for a wide-ranging discussion on some of the top compliance and ethics related stories, including:

  1. We discuss our highlights from the recently concluded SCCE 2017 Compliance and Ethics Institute. See Tom’s blogs, here, here, here and here. Click here for a report from Matt Kelly.
  2. Mike Volkov explores ISO 37001 in a week-long series? See the full week’s series on his site, Corruption Crime & Compliance. Henry Cutter reports on the standard’s slow acceptance in the WSJ Risk and Compliance Report.
  3. What is the status of your Board’s training for compliance? Ben DiPietro reports in the WSJ Risk and Compliance Report.
  4. Italian prosecutor charges Shell and former execs with overseas bribery. Dick Cassin reports in the FCPA Blog.
  5. Revenue recognition rules change in December. Auditors are under orders to ‘show no mercy’ to companies which have not prepared for the changeover. Tammy Whitehouse reports in Compliance Week.
  6. Continued chaos in the Trump Administration. Matt Kelly is back with addition ethical considerations from HHS Secretary Tom Price in Radical Compliance.
  7. Astros come home down 3-2 to the NY Yankees. Will they overcome?
  8. Join Tom’s monthly podcast series on One Month to a More Effective Compliance Program. In October, I consider compliance with business ventures such as in the M&A context, joint ventures, distributors, channel ops partners, teaming agreements and all other manner of business venture. The third week I continue to take a deep dive into JVs under the FCPA. This month’s sponsor is the Volkov Law Group. It is available on the FCPA Compliance Report, iTunes, Libsyn, YouTube and JDSupra.
  9. The Everything Compliance gang recorded a podcast at the 2017 Compliance and Ethics Institute, with special guest Roy Snell sitting in for Mike Volkov. The podcast will go up Thursday October 26th.
  10. Tom premiers an exciting new service offering the Doing Compliance Master Class.
  11. AMI SVP Eric Feldman is speaking in Houston on November 2, at 1:30. If you are in Houston, please plan to join us. For more information see the GHBER website for details and registration.
  12. Jay previews the Rosen Weekend Report.

As I conclude this section on joint ventures, I want to emphasize again the risk they pose under the FCPA. Mike Volkov has stated, “A joint venture requires the integration of disparate company cultures. It can be successful, and is usually one of the significant reason for the joint venture itself.” Both parties should assess each other and decide that the joint venture is a good fit, meaning that each side will benefit. Too much time is spent on looking at the joint venture partner’s compliance toolbox (e.g. policies, procedures, and controls), and not enough time is spent on identifying compliance strengths and weaknesses. You must bring it all together with one format.

While the 2012 FCPA Guidance only provided that “companies should undertake some form of ongoing monitoring of third-party relationships”. This means that you must have an experienced compliance and audit team, actively engaged in the corporate office and in the business units, to ensure that financial controls and compliance policies are followed and that remedial measures for violations or gaps are tracked, implemented and rechecked, as additional detection and prevention. Caldwell noted it is a more encompassing “sensitization” to anti-corruption compliance that is needed. There are several ways for you to do so in a joint venture relationship. 

The starting point for the both the compliance and business management of a joint venture, is a Relationship Manager for every joint venture with which your company does business. The Relationship Manager should be a business unit employee who is responsible for monitoring, maintaining and continuously evaluating the relationship between your company and the joint venture. Some of the duties of the Relationship Manager may include:

  • Point of contact with the joint venture for all compliance issues;
  • Maintaining periodic contact with the joint venture;
  • Meeting annually with the joint venture to review its satisfaction of all company compliance obligations;
  • Submitting annual reports to the company’s Compliance Oversight Committee summarizing services provided by the joint venture;
  • Assisting the company’s Compliance Oversight Committee with any issues with respect to the joint venture.

Just as a company needs a subject matter expert in compliance to be able to work with the business folks and answer the usual questions that come up in the day-to-day routine of doing business internationally, joint ventures also need such access to such a resource. A joint venture may not be large enough to have its own compliance staff so a company should provide such a dedicated resource to joint venture, if so required. I do not believe that this will create a conflict of interest or that there are other legal impediments to providing such services. The US partner can also include compliance training for the joint venture, either through onsite or remote mechanisms. The compliance professional should work closely with the Relationship Manager to provide advice, training and communications to the joint venture. 

A company should have a Compliance Oversight Committee review all documents relating to the full panoply of a joint venture’s compliance program. It can be a formal structure or some other type of group but the key is to have the senior management put a ‘second set of eyes’ on any joint ventures. In addition to the basic concept of process validation of your risk management of joint ventures, this is a manner to deliver additional management of that risk going forward.

After the commercial relationship has begun the Compliance Oversight Committee should monitor the joint venture on no less than an annual basis. This annual audit should include a review of remedial due diligence investigations and evaluation of any new or supplemental risk associated with any negative information discovered from a review of financial audit reports on the joint venture. The Compliance Oversight Committee should review any reports of any material breach of contract including any breach of the requirements of the Company’s of joint venture’s Code of Ethics. In addition to the above remedial review, the Compliance Oversight Committee should review all compliance-impacted payments by the joint venture to assure such payment are within the company guidelines and are warranted by the contractual relationship with the joint venture. Lastly, the Compliance Oversight Committee should review any request to provide the joint venture any type of non-monetary compensation and, as appropriate, approve such requests.

A key tool in managing the affiliation with a joint venture post-contract execution is auditing. Audit rights are a key clause in any compliance terms and conditions and must be secured. Your compliance audit should be a systematic, independent and documented process for obtaining evidence and evaluating it objectively to determine the extent to which your compliance terms and conditions are followed. Noted fraud examiner expert Tracy Coenen described the process as (1) capture the data; (2) analyze the data; and (3) report on the data, which is also appropriate for a compliance audit. 

In addition to monitoring and oversight of your joint ventures, you should periodically review the health of your joint venture management program. The robustness of your joint venture management program will go a long way towards preventing, detecting and remediating any compliance issue before it becomes a full-blown FCPA violation. As with all the steps laid out, you need to fully document all steps you have taken so that any regulator can review and test your metrics. The Evaluation of Corporate Compliance programs lays out what the DOJ will be reviewing and evaluating going forward for your compliance program. You should also use these metrics to conduct a self-assessment on the state of your compliance program for your joint ventures. 

Three Key Takeaways

  1. It all starts with a Relationship Manager.
  2. Have company oversight of all joint ventures. Couple this with a Compliance Oversight Committee for a second set of eyes.
  3. Audit, monitor and remediate (as appropriate) your joint ventures on an ongoing basis.

 

This month’s podcast series is sponsored by Michael Volkov and The Volkov Law Group.  The Volkov Law Group is a premier law firm specializing in corporate ethics and compliance, internal investigations and white collar defense.  For more information and to discuss practical solutions to compliance and enforcement issues, email Michael Volkov at mvolkov@volkovlaw.com or check out www.volkovlaw.com.

For instance, the joint venture may interact with foreign government officials or employees of a state-owned enterprise; then leverage those relationships for an improper benefit either contracts, regulatory licenses, permits or customs approvals. It is difficult to regulate a joint venture’s interactions with foreign government officials when you partner is a state-owned enterprise, or where your company is relying on the local company for its local contacts and expertise for business development and/or regulatory knowledge and experience.

The risks are compounded when the US company does not exercise control of the joint venture. This is further compounded by the fact there is no minimum threshold for a FCPA enforcement action against a US company for the actions of a joint venture in which it holds an interest. If a company holds something less than majority rights, it must to urge, beg and plead for the majority partner to adhere to anti-corruption compliance standards and controls. Often, these requirements are established in the joint venture agreement but the success in securing such contract protections depends on the importance of the global company to the joint venture itself.

Another set of issues comes from the joint venture when it seeks to retain third party agents and/or distributors. Depending on the amount of control, the US company usually can impose its set of standards for conducting due diligence of third party agents and distributors. These risks become more difficult when the joint venture partner brings to the joint venture a proposed third party agent or distributor and vouches for the agent or distributor. If the joint venture partner is a state-owned enterprise, the issues become even more complicated as such referral creates an obvious red flag for a government-sponsored referral.

Now add on the fact that the foreign joint venture partner may not be proficient in English as a first language. The US company may not have financial personnel with requisite language skills in the foreign country. Some companies have a policy that English will be used throughout the world in its business dealings. However, even with such an English only policy in place, the risks represented by such lack of effective oversight by the multinational extend not only to potential FCPA violations, but to other corrupt acts, including kickbacks, fraud and theft.

At this point you have engaged in due diligence prior to the create of the joint venture agreement. The agreement itself has a robust set of compliance terms and conditions, including the right to audit. Mike Volkov has called the exercise of the right to audit one of the key elements in the risk management process around joint ventures. He advocates that any audit take a deep dive into the payments made by the joint venture to a wide range of persons and entities, including agents, suppliers, customers or any others. This would be particularly important for payments made to do business or otherwise operate legally in the joint venture’s locations. This means there should be an inspection of the joint ventures books and records to see if facilitation payments are properly recorded as facilitation payments.

Volkov noted that one interesting area which requires greater review is around payments to colleges or universities outside the US. If there are payments for research or other projects you need to audit the payments and services with an eye towards determining that the rate paid is not out of line with the local payment rate. The same holds true around gifts and entertainment as the local tradition of your foreign partner may be quite different than the expectations of an American company operating in a country such as China.

Another area for audit is if the foreign partner receives a management fee, which can be used for improper purposes. Several FCPA enforcement actions were based on this or similar payment schemes. Such fees may simply be based upon a percentage of joint venture revenue or profit, and often are not required to correspond to defined tasks, or specific efforts or hours. Most usually, there are no substantive billings associated with such fees, they simply become due. Under this type of arrangement, it is almost impossible to justify this fee if requested by the DOJ. If the foreign partner does receive such a fee, this will need to be closely scrutinized in the audit process.

Volkov advocates using a wide-range of investigation techniques in any audit of a foreign joint venture. He said that a trip to the joint venture headquarters is mandatory, as are onsite interviews with key joint venture personnel such as joint venture CEO, CFO, head of audit, head of HR and compliance. A key interview is always the head of sales for the joint venture and any head of sales who might deal with foreign governments or state-owned enterprises. Phone interviews can be used to supplement these in person interviews where appropriate.

Volkov stated that “what we were trying to put together was a product that can stand up to subsequent scrutiny, particularly by the Justice Department and the SEC.” Yet there are other key reasons for the audit; these include education, training and communication. Every time you meet with someone, you have the chance to not only listen to them but give them information on the compliance program and expectations thereunder. Equally important is the ease and (hopefully) comfort the participants in the joint venture will feel about your compliance efforts and their compliance obligations going forward.

As a baseline, I would suggest that any audit of a joint venture include, at a minimum, a review of the following:

  1. the effectiveness of existing compliance programs and codes of conduct;
  2. the origin and legitimacy of any funds paid to Company;
  3. books, records and accounts, or those of any of its subsidiaries, joint ventures or affiliates, related to work performed for, or services or equipment provided to, Company;
  4. all disbursements made for or on behalf of Company; and
  5. all funds received from Company in connection with work performed for, or services or equipment provided to, Company.

If you want to engage in a deeper dive you might consider evaluation of some of the following areas:

  • Review of contracts with joint ventures to confirm that the appropriate FCPA compliance terms and conditions are in place.
  • Determine that actual due diligence took place on the joint venture.
  • Review FCPA compliance training program; both the substance of the program and attendance records.
  • Does the joint venture have a hotline or any other reporting mechanism for allegations of compliance violations? If so how are such reports maintained? Review any reports of compliance violations or issues that arose through anonymous reporting, hotline or any other reporting mechanism.
  • Does the joint venture have written employee discipline procedures? If so have any employees been disciplined for any compliance violations? If yes review all relevant files relating to any such violations to determine the process used and the outcome reached.
  • Review employee expense reports for employees in high-risk positions or high-risk countries.
  • Testing for gifts, travel and entertainment that were provided to, or for, foreign governmental officials.
  • Review the overall structure of the joint venture’s compliance program. If the company has a designated compliance officer to whom, and how, does that compliance officer report?
  • How is the joint venture’s compliance program designed to identify risks and what has been the result of any so identified?
  • Review a sample of employee commission payments and determine if they follow the internal policy and procedure of the joint venture.
  • Regarding any petty cash activity in foreign locations, review a sample of activity and apply analytical procedures and testing. Analyze the general ledger for high-risk transactions and cash advances and apply analytical procedures and testing.

Finally, is your follow up after the audit. If there are any red flags which were not fully investigated during the audit process, that must be accomplished in this phase. Additionally, if there were action items for remediation they should be completed in a timely manner. There may be some issues which may bear greater scrutiny during the year, such as gift, travel and entertainment expenses which can be noted as well. 

Three Key Takeaways

  1. Joint Venture present unique risks FCPA risks and must be managed accordingly.
  2. Your final report needs to consider the final viewer of the document, potentially the DOJ or SEC.
  3. Be sure to follow up on any red flags raised but not cleared and action items for remediation or additional scrutiny.

 

This month’s podcast series is sponsored by Michael Volkov and The Volkov Law Group.  The Volkov Law Group is a premier law firm specializing in corporate ethics and compliance, internal investigations and white collar defense.  For more information and to discuss practical solutions to compliance and enforcement issues, email Michael Volkov at mvolkov@volkovlaw.com or check out www.volkovlaw.com.

In this episode, I visit with branding expert Linda Justice. We discuss the role of a Board of Directors in corporate branding. We discuss ‘what is branding?’

  • Perception of a company?
  • The customer experience?
  • The stakeholders’ experience?
  • Investors experience?
  • Employees experience?
  • Is it found in print, advertising, word of mouth?
  • Or is it LIVE—as in Twitter, Customers complaining or praising in real time?

Linda explains how branding is all of these things. She explains why a Board should care about branding as it helps to grow the company and protects (or harms) the company’s reputation. She also explains how With a STRONG BOARD and a STRONG ETHICAL BACKBONE and CULTURE, this enhances branding for Customers, Employees and other stakeholders. Justice also relates that a company grows on the strength of its employees and on customers buying their products and services and concludes on the note that ethics must be part of the brand to sustain and grow both.

Numerous US companies have come to FCPA grief for their overseas joint ventures and the continue to be a bane for many companies under the Act. There are some basic compliance terms and conditions which should be considered for any foreign joint venture agreement to help US companies manage these compliance risks.

As a starting point, it is important to have compliance terms and conditions, these reasons can include some of the following: (1) to set expectations between the parties; (2) to demonstrate the seriousness of the issue to the non-US party; and (3) to provide a financial incentive to do business in compliant manner.

  1. Prohibition of all forms of bribery and corruption. Many foreign joint venture partners may not understand that the FCPA applies to them if they partner in a business relationship with a US company. Further, they do not understand that they may be governmental officials under the FCPA. This all must be spelled out for them so you should have language regarding the following:
  • Prohibition of all forms of bribery and corruption, but you should be careful to make note that FCPA is broader than simple bribery; it includes hospitality/gifts/entertainment/travel as well.
  • Affirmation of FCPA compliance, this should be in writing and it should also require that the non-US party understand or have familiarity with the FCPA, as well as that they will comply with the tenets of the FCPA.
  • Agreement to comply with local laws and customs regarding anti-bribery and anti-corruption in the jurisdiction where it is located and/or does business.
  1. Right to Cancel and Recoupment rights. These should include the following:
  • Right to cancel the contract if there is a compliance violation or breach of contract because that allows you maximum flexibility.
  • Withhold any payments due.
  • Allow for disgorgement of any monies previously paid under the agreement.
  • Take any other action you think necessary or appropriate.
  1. Duties
  • Spell out exact duties and deliverables of the Joint Venture.
  • Employees of the joint venture have continuing duty to adhere to training.
  • There will be updated due diligence performed on the JV partner.
  • There is an ongoing duty to report changes in ownership structure of any non-US partner. This includes changes in corporate structure and/or corporate leadership. There must be immediate notification to the US company and it is particularly important when government changes.
  • Require that the joint venture follow generally accepted accounting principles (GAAP), and conduct an annual audit by an agreed upon independent accounting firm.
  • Prohibit the creation of any funds without the approval of the joint venture’s governing body (supermajority approval in the case of minority interest by the multinational).
  • If the foreign joint venture partner has day-to-day management responsibilities, require dual signatures for checks or electronic funds transfers drawn on joint venture bank accounts.
  • Require that the joint venture conduct investigative due diligence on agents, consultants and other third parties retained by the joint venture.
  • Require the implementation of a code of business conduct by the joint venture and implement an anonymous reporting mechanism for joint venture employees.
  1. Audit Rights – these are an important tool in your joint venture risk management process and must be included in any joint venture agreement. In addition to putting your JV partner on notice that you are not simply willing to look the other way once the agreement is signed, it is an active acknowledgement that there will be ongoing transactional review during the term of the joint venture agreement. If any illegal payments are made or discovered the US company should retain full access to the audit trail which it can then turn over to the proper authorities. Additionally, the joint venture should have the right to audit any agent(s) it may hire for its own use.

If you have audit rights you must exercise them. The same calculus is true for termination rights. If you have a good faith belief that your JV-US partner has violated the FCPA, you better exercise your right to terminate. If you do not do so, your US company will probably be in more hot water with the DOJ.

  1. Prohibited Parties – the Joint Venture will not deal with US designated Prohibited Countries, Prohibited Parties or any other persons or entities on any such OFAC prohibited list.
  2. Certifications-you should specify that the foreign partners will annually, personally, certificate that they have not violated the FCPA on any matters relating to the joint venture, are aware of no FCPA violations by the joint venture which they have not previously reported and have received and understood annual FCPA training.

Lastly one area which is continuing to be problematic is that of how to make payments. Some of the tools to manage this risk are the following:

  • Always try to make payments via wire transfer.
  • No large upfront payments unless designated for legitimate start-up expenses.
  • Pay only to the named company, not unknown third parties.
  • Payment in local currency, however you can pay in USD. The key is consistency in how you are paying and your documentation.
  • Pay where the agent’s country of residence or where the work is done.

All the above steps should be taken only after extensive due diligence has been completed. After the contract is signed your company will have to work just as hard to keep the compliance program for any joint venture robust and meaningful. However, with these terms and conditions in place, you will have a chance to maintain your FCPA obligations and to manage the risk that is involved when working jointly with non-US companies.

Three Key Takeaways

  1. Failure to secure appropriate compliance terms and conditions in a JV agreement can cause great FCPA risk for a US company.
  2. Certifications are important requirements to obtain.
  3. Audit rights must be secured and equally importantly, exercised.

 

 

This month’s podcast series is sponsored by Michael Volkov and The Volkov Law Group.  The Volkov Law Group is a premier law firm specializing in corporate ethics and compliance, internal investigations and white collar defense.  For more information and to discuss practical solutions to compliance and enforcement issues, email Michael Volkov at mvolkov@volkovlaw.com or check out www.volkovlaw.com.